Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mBi5180Q6XSqU4z0VEG3eg0BsMg.roa
File: mBi5180Q6XSqU4z0VEG3eg0BsMg.roa (raw, json)
Hash identifier: hpsuD91q9MIdHBfYrXMLwcW5PJ2E57xhYOypYCFDXb0=
Subject key identifier: 98:18:B9:D7:CD:10:E9:74:AA:53:8C:F4:54:41:B7:7A:0D:01:B0:C8
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01909BEE5C4A0FB3D4B50E157A80DDF78F9E
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mBi5180Q6XSqU4z0VEG3eg0BsMg.roa
Signing time: Wed 10 Jul 2024 09:16:47 +0000
ROA not before: Wed 10 Jul 2024 09:16:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12301
IP address blocks: 79.172.226.0/24 maxlen: 24
79.172.230.0/23 maxlen: 23
87.229.20.0/23 maxlen: 23
87.229.40.0/24 maxlen: 24
87.229.51.0/24 maxlen: 24
87.229.56.0/24 maxlen: 24
95.138.198.0/24 maxlen: 24
213.181.218.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:ee:5c:4a:0f:b3:d4:b5:0e:15:7a:80:dd:f7:8f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jul 10 09:16:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9818b9d7cd10e974aa538cf45441b77a0d01b0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ce:da:3e:59:4f:01:5c:19:8b:fd:ac:39:ca:
fd:d7:9a:64:c4:73:ba:94:3d:c3:52:62:07:cf:f7:
0d:5c:2c:dc:f7:b3:19:27:44:36:b4:f0:75:8c:2d:
d9:a9:25:2f:0f:f3:43:8b:25:a9:5a:e1:62:d3:25:
6b:38:64:b2:97:d1:7c:60:ec:f1:0b:d6:b2:3b:22:
47:42:4c:35:84:19:da:5e:de:e8:91:bb:28:02:50:
6c:ce:f0:16:f9:15:3f:b0:e2:ac:1d:51:81:9d:74:
2f:f3:da:a5:0b:6f:09:af:76:23:d8:6c:ab:c0:52:
25:4c:6f:08:27:9d:88:a7:50:25:2d:09:18:47:e6:
6c:78:4d:8d:4e:71:56:de:35:a2:af:8f:c9:a9:ab:
dc:04:11:4e:a9:03:86:ba:dd:3c:46:bc:51:7b:e7:
49:23:9a:e7:62:9e:a4:79:76:58:65:1b:57:9f:2a:
ca:48:1e:c5:1f:0b:d4:0b:9f:21:b1:4c:aa:80:4c:
ac:eb:84:92:21:0d:1a:30:9e:86:58:88:a8:44:ca:
aa:41:cf:6b:82:2e:63:4c:13:d7:6a:d7:f3:d0:71:
cc:54:73:a3:cf:10:19:9b:df:46:5a:db:78:19:a6:
39:7e:33:24:13:da:f9:50:bb:b1:e8:07:5f:54:f5:
d5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:18:B9:D7:CD:10:E9:74:AA:53:8C:F4:54:41:B7:7A:0D:01:B0:C8
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mBi5180Q6XSqU4z0VEG3eg0BsMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.226.0/24
79.172.230.0/23
87.229.20.0/23
87.229.40.0/24
87.229.51.0/24
87.229.56.0/24
95.138.198.0/24
213.181.218.0/24
217.113.52.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2f:58:cc:3d:00:dd:c6:d1:f7:02:fc:1a:f9:72:59:dc:31:
3d:46:b9:7f:c5:ee:a5:f8:57:d1:2d:ad:64:ad:be:2d:a4:6c:
da:5d:98:5e:26:2c:98:03:28:97:74:67:b1:d2:f5:96:42:89:
9d:97:36:a4:48:53:39:40:66:b6:c2:fa:74:9f:29:44:5e:9b:
2f:46:6d:1a:95:71:13:50:28:2e:0b:4c:23:c8:69:98:5f:55:
40:f4:64:12:f1:20:8a:cf:f1:64:a8:ba:83:74:20:80:26:5d:
a4:47:ea:96:65:b4:53:cd:da:3f:7f:dc:26:39:07:34:51:38:
10:d1:76:5c:17:da:49:95:5e:5b:b5:c9:88:ca:4a:4f:39:89:
f9:84:fc:89:e3:b1:b4:f9:bd:d8:17:c3:f6:65:16:5c:12:dd:
e0:ad:ca:37:98:83:4c:52:0e:21:39:5e:b6:54:6a:e7:59:e8:
ee:50:37:5a:97:d8:99:50:b8:9a:22:4e:b5:53:00:9e:aa:ba:
73:b3:29:8c:4a:1c:26:4e:22:88:93:b4:fe:c0:bf:54:50:1d:
19:81:40:35:0b:ba:16:a6:ba:c1:d1:65:c8:de:47:92:44:51:
1b:2f:be:85:71:be:74:07:8e:c4:b9:e7:48:82:81:69:f4:f7:
1f:b0:8a:69
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZCb7lxKD7PUtQ4VeoDd94+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwNzEwMDkxNjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE4YjlkN2NkMTBlOTc0YWE1MzhjZjQ1NDQxYjc3YTBkMDFiMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc7aPllPAVwZi/2sOcr915pkxHO6
lD3DUmIHz/cNXCzc97MZJ0Q2tPB1jC3ZqSUvD/NDiyWpWuFi0yVrOGSyl9F8YOzx
C9ayOyJHQkw1hBnaXt7okbsoAlBszvAW+RU/sOKsHVGBnXQv89qlC28Jr3Yj2Gyr
wFIlTG8IJ52Ip1AlLQkYR+ZseE2NTnFW3jWir4/JqavcBBFOqQOGut08RrxRe+dJ
I5rnYp6keXZYZRtXnyrKSB7FHwvUC58hsUyqgEys64SSIQ0aMJ6GWIioRMqqQc9r
gi5jTBPXatfz0HHMVHOjzxAZm99GWtt4GaY5fjMkE9r5ULux6AdfVPXVSwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJgYudfNEOl0qlOM9FRBt3oNAbDIMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvbUJpNTE4MFE2WFNxVTR6MFZFRzNlZzBCc01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAT6ziAwQB
T6zmAwQBV+UUAwQAV+UoAwQAV+UzAwQAV+U4AwQAX4rGAwQA1bXaAwQA2XE0MA0G
CSqGSIb3DQEBCwUAA4IBAQAvL1jMPQDdxtH3Avwa+XJZ3DE9Rrl/xe6l+FfRLa1k
rb4tpGzaXZheJiyYAyiXdGex0vWWQomdlzakSFM5QGa2wvp0nylEXpsvRm0alXET
UCguC0wjyGmYX1VA9GQS8SCKz/FkqLqDdCCAJl2kR+qWZbRTzdo/f9wmOQc0UTgQ
0XZcF9pJlV5btcmIykpPOYn5hPyJ47G0+b3YF8P2ZRZcEt3grco3mINMUg4hOV62
VGrnWejuUDdal9iZULiaIk61UwCeqrpzsymMShwmTiKIk7T+wL9UUB0ZgUA1C7oW
prrB0WXI3keSRFEbL76Fcb50B47EuedIgoFp9PcfsIpp
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:09 2025 by rpki-client